Goodbye Pod Security Policy – Hello Stronger Alternatives
Watch Mario's talk at ContainerDays 2021!
With the latest Kubernetes 1.21 release, pod security policy has been deprecated, leaving many Kubernetes users at risk of being exposed to various exploits.
In the meantime, stronger alternatives have emerged in the form of Open Policy Agent and Kyverno. Each of them brings its own strengths and weaknesses. Both of these projects are viable replacements for PSP: They are vastly more capable than simply acting on Pods alone – they are full Kubernetes policy engines.
Let’s have a look together to figure out which one fits your requirements.
Mario Fahlandt, Kubernetes Consultant at Kubermatic